Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-002)

The version of kernel installed on the remote host is prior to 5.4.110-54.182. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-002 advisory. 2024-09-12: CVE-2021-4442 was added to this advisory. An issue was discovered in the Linux kernel...

GSD-2022-1000501 misc: fastrpc: avoid double fput() on failed usercopy

misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...

GSD-2022-1000424 misc: fastrpc: avoid double fput() on failed usercopy

misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...

GSD-2022-1000364 misc: fastrpc: avoid double fput() on failed usercopy

misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...

GSD-2022-1000337 misc: fastrpc: avoid double fput() on failed usercopy

misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.180 by commit...

GSD-2021-1002150 misc: fastrpc: Add missing lock before accessing find_vma()

misc: fastrpc: Add missing lock before accessing findvma This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

UVI-2021-1002150 misc: fastrpc: Add missing lock before accessing find_vma()

misc: fastrpc: Add missing lock before accessing findvma This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

GSD-2021-1002083 misc: fastrpc: Add missing lock before accessing find_vma()

misc: fastrpc: Add missing lock before accessing findvma This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...

UVI-2021-1002083 misc: fastrpc: Add missing lock before accessing find_vma()

misc: fastrpc: Add missing lock before accessing findvma This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...

UVI-2021-1002031 misc: fastrpc: Add missing lock before accessing find_vma()

misc: fastrpc: Add missing lock before accessing findvma This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.75 by commit...

GSD-2021-1002031 misc: fastrpc: Add missing lock before accessing find_vma()

misc: fastrpc: Add missing lock before accessing findvma This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.75 by commit...

Vulnerability of the fastrpc_internal_invoke function (drivers/misc/fastrpc.c) in the Linux operating system kernel, allowing a hacker to execute any control command

The vulnerability of the fastrpcinternalinvoke function drivers/misc/fastrpc.c in the Linux kernel is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to execute arbitrary control commands...

CVE-2021-1958

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables...

Race condition

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables...

CVE-2021-1958

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables...

CVE-2021-1958

CVE-2021-1958 describes a race condition in the Qualcomm fastrpc kernel driver used for dynamic process creation, leading to a possible use-after-free in Snapdragon Auto, Connectivity, Mobile, and Wearables. The underlying issue is a race in the kernel driver that can compromise memory safety. Do...

Qualcomm 芯片资源管理错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time fabricated on the surface of semiconductor wafers. The Qualcomm chip suffers from a resource management error vulnerabilit...

ASB-A-183188047

In fastrpcinternalinvoke of drivers/misc/fastrpc.c, there is a possible way for user-mode processes to send fastrpc kernel requests due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

Remote Procedure Calls

linux kernel is vulnerable to remote procedure calls. The vulnerabilities exists due to fastrpcinternalinvoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages...

Ubuntu: Security Advisory (USN-4945-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...